Some minor changes, as I was reading the code wrong.... rlm_ldap calls fr_pair_value_from_str(), which does take a length from LDAP. But the code it calls still treats the input string as a printed string, and tries to parse it. Which means double quotes, zeros, etc. still need to be escaped. Alan DeKok.